Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

redirect unsecure to secure

Discussion in 'General Discussion' started by bobbybobbertson, Sep 11, 2003.

  1. bobbybobbertson

    bobbybobbertson Well-Known Member

    Joined:
    May 30, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    156
    I found out that cpanel does have https connections for users webmail, however its not that easy to remember, because there is a port number involved.

    This is unsecure and works:
    http://www.userdomain.com/webmail

    this is SECURE and works:
    https://www.userdomain.com:2083

    this, strangely does not work:
    https://www.userdomain.com/webmail


    Can I easily force all users to use the encrypted connection. In other words can I redirect http://www.userdomain.com/webmail
    to point to https://www.userdomain.com:2083

    cPanel.net Support Ticket Number:
     
  2. GOT

    GOT Get Proactive!
    PartnerNOC

    Joined:
    Apr 8, 2003
    Messages:
    912
    Likes Received:
    5
    Trophy Points:
    168
    Location:
    Chesapeake, VA
    cPanel Access Level:
    DataCenter Provider
    You can set up an alias in the httpd.conf file. There are a lot of them already in there, even for secur control panel and secure webmail. Or you can add your own.

    Be sure to restart httpd after changing.

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. bobbybobbertson

    bobbybobbertson Well-Known Member

    Joined:
    May 30, 2003
    Messages:
    54
    Likes Received:
    0
    Trophy Points:
    156
    the alias's in the httpd.conf file point to cgi programs. If I edit those files to point somewhere else, will my changes get overwritten when cpanel updates its scripts?

    If I make changes to the httpd.conf file, will they get overwritten next time I compile apache?
     
  4. Stefaans

    Stefaans Well-Known Member

    Joined:
    Mar 5, 2002
    Messages:
    456
    Likes Received:
    3
    Trophy Points:
    318
    Location:
    Vancouver, Canada
    I think it will work if you made a copy of your /usr/local/cpanel/base/wredirect.cgi script to say securewredirect.cgi. Edit the file and change the two references to port 2095 to 2096. Finally set up the alias in your httpd.conf to use your new script.

    cPanel.net Support Ticket Number:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. JayLevine

    JayLevine Active Member

    Joined:
    Nov 25, 2002
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    151
    Location:
    New Mexico
    I edit the wredirect.cgi, changing all the http https and changing the port #.

    This way anyone typing /webmail will automatically get https. Cpanel overwrites this when upgrading, so you'll need to change it after an upgrade.

    From what I've seen this is the easiest way to force webmail to SSL.

    Jay

    cPanel.net Support Ticket Number:
     
  6. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    168
    This will work only for namebased accounts though.
    I just tried it with IP based accounts and it doesn't work since http://www.domain.com/webmail is forwarded to http://www.domain.com:2096.

    It should be forwarded to https://www.domain.com:2096

    Is there an 'easy' way to accomplish this?


    Update:

    Nevermind, I was not totally awake yesterday :) It works perfectly.
     
    #6 jamesbond, Oct 16, 2003
    Last edited: Oct 17, 2003
  7. aress24x7

    aress24x7 Member

    Joined:
    Aug 2, 2003
    Messages:
    18
    Likes Received:
    0
    Trophy Points:
    151

    To resolve this, try following,

    1) Login to shell as root
    2) copy file wredirect.cgi from /usr/local/cpanel folder to securewredirect.cgi
    3) Now edit securewredirect.cgi and replace the IF loop by following,

    if (($ENV{'HTTPS'} eq "on" || $CPCONF{'alwaysredirecttossl'}) && $CPCONF{cpredirecthostname}) {
    $rdhost = hostname();
    }

    if ($port eq "") { $port = '2096'; }

    if (${rdhost} ne "") {
    print "Location: https://${rdhost}:${port}\n\n";
    exit;
    }

    print "Location: https://$ENV{'REMOTE_ADDR'}:${port}\n\n";

    Please make sure that you have replaced only If loop, not whole file. Save changes and restart httpd.

    :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice